Phishing attacks have become alarming, largely because large-scale cyber attacks can be enabled through any number of different and emerging phishing attacks. With a relatively dramatic increase in phishing prevalence, effectiveness and creativity in the deception and trickery of attacks, detection solutions continue to emerge. However, no single solution seems capable to mitigate all targeted vulnerabilities effectively.
According to a recent study (Spear-Phishing Email: Most Favored APT Attack Bait, Trend Micro Inc., Research Paper (2012)), about 91% of targeted cyber attacks start off with spear-phishing emails (i.e., a phishing email which includes personal information that appears to be from a trusted source to increase the probability of success) which makes spear-phishing a primary means by which advanced persistent attacks infiltrate target networks. For example, it is not uncommon for a spear-phishing attack to be a well crafted message, including clever and relevant social engineering tactics, sent to specific employees at a company. Convinced this is a legitimate email, employees click a link in the email which directs them to a malware/exploit-laden site or to download a malicious attachment.
Variety and creativity in new phishing attacks add a fundamental dimension to the problem. As an example, a new phishing attack can include taking over a background tab on a browser (such as a web email) and showing a fake login page that looks similar to the original one for the purpose of tricking the user into entering their login credentials. This type of phishing attack is a new deceiving attack that some anti-phishing tools are not designed to detect.
Additional issues can result from a response time from software vendors to update their tools in response to new attacks. This response time can give phishers, i.e., those that are associated with the phishing attacks, sufficient time to utilize such new attacks.